<?php
/**
 * Class User
 * Date: 16-06-2011
 **/
 
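class User{
	
	/**
	 * State held for one account. $password holds whatever the caller passed
	 * to setPassword()/setCredential(); authenticate() and insert() run it
	 * through md5() before it reaches the database.
	 **/
	var $username 	= "";
	var $password 	= "";
	var $email 		= "";
	var $gid 		= 0;
	var $db;
	var $valid		= false;
	var $byEmail	= false;
	// Legacy name: the constructor has always written this property, so it is kept for existing readers.
	var $loginBy	= false;
	var $id			= 0;
	
	/**
	 * Old-style (class-named) constructor.
	 *
	 * @param mixed $db      Database wrapper; the methods below call query() and fetch_assoc() on it.
	 * @param bool  $byEmail Login-by-email flag, stored in both $byEmail and the legacy $loginBy.
	 **/
	function User($db="",$byEmail=true){
		$this->db = $db;
		// The declared $byEmail property was never assigned before; only the undeclared $loginBy was.
		$this->byEmail = $byEmail;
		$this->loginBy = $byEmail;
	}
	
	/**
	 * Getting
	 **/
	function getUsername(){
		return $this->username;
	}
	
	function getPassword(){
		return $this->password;
	}
	
	function getEmail(){
		return $this->email;
	}
	
	function getGid(){
		return $this->gid;
	}
	
	/** The identity is the username; setIdentity() stores the same value as the email. **/
	function getIdentity(){
		return $this->getUsername();
	}
	
	function getId(){
		return $this->id;
	}
	
	//ToDo? Always reports the account as active; no status is read from the database.
	function isActive(){
		return true;
	}
	
	/**
	 * Setting
	 **/
	function setUsername($value){
		$this->username = $value;
	}
	
	function setPassword($value){
		$this->password = $value;
	}
	
	function setEmail($value){
		$this->email = $value;
	}
	
	function setGid($value){
		$this->gid = $value;
	}
	
	function setDb($value){
	 	$this->db = $value;
	}
	
	function setValid($value){
		$this->valid = $value;
	}
	
	/**
	 * Functions
	 */
	
	/** Result of the last authenticate() call, or whatever setValid() stored. **/
	function isValid(){
		return $this->valid;
	}
	
	/**
	 * Check a stored hash against the password held by this object.
	 *
	 * @param string $password MD5 hex digest to compare with md5() of the held password.
	 * @return bool True only when $password is a string identical to the digest.
	 **/
	function verifPassword($password){
		// Only a string can be a digest. Loose == used to let numeric-looking
		// values (for example "0e..." digests, or the integer 0 on older PHP)
		// compare equal without matching byte for byte.
		if (!is_string($password)) {
			return false;
		}
		$expected = md5($this->getPassword());
		// hash_equals() is constant-time but only exists from PHP 5.6 on.
		if (function_exists('hash_equals')) {
			return hash_equals($expected, $password);
		}
		return ($expected === $password);
	}
	
	/** True when an email has been set. **/
	function hasIdentity(){
		return ($this->getEmail()!='');
	}
	
	/** Reset username, password, email and gid; $id and $valid are left untouched. **/
	function clearIdentity(){
		$this->username = $this->password = $this->email = "";
		$this->gid = 0;
	}
	
	/** Store the same value as both username and email. **/
	function setIdentity($value){
		$this->setUsername($value);
		$this->setEmail($value);
	}
	
	function setCredential($value){
		$this->setPassword($value);
	}
	
	/**
	 * Look up one row of the user table by a single column.
	 *
	 * @param string $value Value to match; escaped with mysql_real_escape_string().
	 * @param string $row   Column name; letters, digits and underscore only.
	 * @return mixed Whatever the db wrapper's fetch_assoc() returns for the query.
	 * @throws InvalidArgumentException When $row is not a plain identifier.
	 **/
	function isExists($value,$row="email"){
		// The column name is spliced into the statement between backticks and
		// cannot be escaped like a value, so anything that is not a plain
		// identifier is refused before the query is built.
		if (!is_string($row) || !preg_match('/\A[A-Za-z0-9_]+\z/', $row)) {
			throw new InvalidArgumentException('Invalid column name');
		}
		// NOTE(review): mysql_real_escape_string() is called without a link
		// argument, so its escaping presumably follows a connection opened by
		// the db wrapper; a parameterised query on that wrapper would be safer.
		$query = "
			SELECT * 
			FROM user
			WHERE `".$row."` = '".mysql_real_escape_string($value)."'
		";
		return $this->db->fetch_assoc($this->db->query($query));
	}
	
	/**
	 * Check the held username (matched against the email column) and password
	 * against the user table, record the row id and the outcome.
	 *
	 * @return bool True when exactly one row matched.
	 **/
	function authenticate(){
	
		// NOTE(review): passwords are matched as unsalted MD5 digests. Moving
		// to password_hash()/password_verify() needs a migration of the stored
		// values, so it is flagged here rather than changed.
		$query = "
			SELECT id, count(*) as counter 
			FROM `user`
			WHERE `email` = 	'".mysql_real_escape_string($this->getUsername())."' AND
				  `password` = 	'".md5($this->getPassword())."'
		";

		list($this->id,$count_user)=mysql_fetch_row($this->db->query($query));
		
		$this->setValid(($count_user==1));
		
		return $this->isValid();
	}	
	
	/**
	 * Insert the held email and the MD5 digest of the held password as a new
	 * row, and store the generated id in $id.
	 **/
	function insert(){
		// NOTE(review): same unsalted MD5 storage as authenticate().
		$query = "
			INSERT INTO `user` (`email`,`password`)
						VALUES ('".mysql_real_escape_string($this->getEmail())."','".md5($this->getPassword())."')
		";
		
		$this->db->query($query);
		$this->id = mysql_insert_id();
		
		//Send Email to user
		// NOTE(review): the template is filled with the clear-text password and
		// the disabled mail() call takes its recipient straight from $_POST.
		// If sending is re-enabled, leave the password out of the message and
		// validate the address first.
		$headers = sprintf ("From: %s - Babili <%s>\r\n",BABILI_COMPANY,BABILI_CONTACAT);
		$message = sprintf (BABILI_TPL_EMAIL_REGISTER,BABILI_COMPANY,$this->getUsername(),$this->getPassword(),BABILI_COMPANY); 
		//mail($_POST['username'],BABILI_TPL_EMAIL_REGISTER_SUBJ,$message,$headers);
	}
	
	/**
	 * Build the "lost password" message; sending is currently disabled.
	 **/
	function lostYourPassword(){
		//To remove and add redirect to the page "Lost your password"
		// NOTE(review): babili_decrypt() on the password suggests it is treated
		// as recoverable here, which does not match the md5() storage used by
		// insert() and authenticate() - confirm. A one-time reset link avoids
		// mailing any password at all.
		$headers = sprintf ("From: %s - Babili <%s>\r\n",BABILI_COMPANY,BABILI_CONTACAT);
		$message = sprintf (BABILI_TPL_EMAIL_LOST_PASSWORD,BABILI_COMPANY,$this->getUsername(),babili_decrypt($this->getPassword()),BABILI_COMPANY);				
		//mail($_POST['username'],BABILI_TPL_EMAIL_LOST_PASSWORD_SUBJ,$message,$headers);	
	}
}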
?>